low
3.7
Advisory Published
CVE Published
Updated

CVE-2013-2451

First published: Mon Jun 17 2013(Updated: )

It was discovered that the Networking component did not properly enforce exclusive port binding. A local attacker could exploit this flaw to bind to ports intended to be exclusively bound.

Credit: secalert_us@oracle.com

Affected SoftwareAffected VersionHow to fix
Oracle JRE<=1.7.0
Oracle JRE=1.7.0
Oracle JRE=1.7.0-update1
Oracle JRE=1.7.0-update10
Oracle JRE=1.7.0-update11
Oracle JRE=1.7.0-update13
Oracle JRE=1.7.0-update15
Oracle JRE=1.7.0-update17
Oracle JRE=1.7.0-update2
Oracle JRE=1.7.0-update3
Oracle JRE=1.7.0-update4
Oracle JRE=1.7.0-update5
Oracle JRE=1.7.0-update6
Oracle JRE=1.7.0-update7
Oracle JRE=1.7.0-update9
Oracle OpenJDK 1.8.0<=1.7.0
Oracle OpenJDK 1.8.0=1.7.0
Oracle OpenJDK 1.8.0=1.7.0-update1
Oracle OpenJDK 1.8.0=1.7.0-update10
Oracle OpenJDK 1.8.0=1.7.0-update11
Oracle OpenJDK 1.8.0=1.7.0-update13
Oracle OpenJDK 1.8.0=1.7.0-update15
Oracle OpenJDK 1.8.0=1.7.0-update17
Oracle OpenJDK 1.8.0=1.7.0-update2
Oracle OpenJDK 1.8.0=1.7.0-update3
Oracle OpenJDK 1.8.0=1.7.0-update4
Oracle OpenJDK 1.8.0=1.7.0-update5
Oracle OpenJDK 1.8.0=1.7.0-update6
Oracle OpenJDK 1.8.0=1.7.0-update7
Oracle OpenJDK 1.8.0=1.7.0-update9
Oracle JRE<=1.6.0
Oracle JRE=1.6.0-update22
Oracle JRE=1.6.0-update23
Oracle JRE=1.6.0-update24
Oracle JRE=1.6.0-update25
Oracle JRE=1.6.0-update26
Oracle JRE=1.6.0-update27
Oracle JRE=1.6.0-update29
Oracle JRE=1.6.0-update30
Oracle JRE=1.6.0-update31
Oracle JRE=1.6.0-update32
Oracle JRE=1.6.0-update33
Oracle JRE=1.6.0-update34
Oracle JRE=1.6.0-update35
Oracle JRE=1.6.0-update37
Oracle JRE=1.6.0-update38
Oracle JRE=1.6.0-update39
Oracle JRE=1.6.0-update41
Oracle JRE=1.6.0-update43
Sun Java Runtime Environment (JRE)=1.6.0
Sun Java Runtime Environment (JRE)=1.6.0-update_1
Sun Java Runtime Environment (JRE)=1.6.0-update_10
Sun Java Runtime Environment (JRE)=1.6.0-update_11
Sun Java Runtime Environment (JRE)=1.6.0-update_12
Sun Java Runtime Environment (JRE)=1.6.0-update_13
Sun Java Runtime Environment (JRE)=1.6.0-update_14
Sun Java Runtime Environment (JRE)=1.6.0-update_15
Sun Java Runtime Environment (JRE)=1.6.0-update_16
Sun Java Runtime Environment (JRE)=1.6.0-update_17
Sun Java Runtime Environment (JRE)=1.6.0-update_18
Sun Java Runtime Environment (JRE)=1.6.0-update_19
Sun Java Runtime Environment (JRE)=1.6.0-update_2
Sun Java Runtime Environment (JRE)=1.6.0-update_20
Sun Java Runtime Environment (JRE)=1.6.0-update_21
Sun Java Runtime Environment (JRE)=1.6.0-update_3
Sun Java Runtime Environment (JRE)=1.6.0-update_4
Sun Java Runtime Environment (JRE)=1.6.0-update_5
Sun Java Runtime Environment (JRE)=1.6.0-update_6
Sun Java Runtime Environment (JRE)=1.6.0-update_7
Sun Java Runtime Environment (JRE)=1.6.0-update_9
Oracle OpenJDK 1.8.0<=1.6.0
Oracle OpenJDK 1.8.0=1.6.0-update22
Oracle OpenJDK 1.8.0=1.6.0-update23
Oracle OpenJDK 1.8.0=1.6.0-update24
Oracle OpenJDK 1.8.0=1.6.0-update25
Oracle OpenJDK 1.8.0=1.6.0-update26
Oracle OpenJDK 1.8.0=1.6.0-update27
Oracle OpenJDK 1.8.0=1.6.0-update29
Oracle OpenJDK 1.8.0=1.6.0-update30
Oracle OpenJDK 1.8.0=1.6.0-update31
Oracle OpenJDK 1.8.0=1.6.0-update32
Oracle OpenJDK 1.8.0=1.6.0-update33
Oracle OpenJDK 1.8.0=1.6.0-update34
Oracle OpenJDK 1.8.0=1.6.0-update35
Oracle OpenJDK 1.8.0=1.6.0-update37
Oracle OpenJDK 1.8.0=1.6.0-update38
Oracle OpenJDK 1.8.0=1.6.0-update39
Oracle OpenJDK 1.8.0=1.6.0-update41
Oracle OpenJDK 1.8.0=1.6.0-update43
Java Development Kit (JDK)=1.6.0
Java Development Kit (JDK)=1.6.0-update_10
Java Development Kit (JDK)=1.6.0-update_11
Java Development Kit (JDK)=1.6.0-update_12
Java Development Kit (JDK)=1.6.0-update_13
Java Development Kit (JDK)=1.6.0-update_14
Java Development Kit (JDK)=1.6.0-update_15
Java Development Kit (JDK)=1.6.0-update_16
Java Development Kit (JDK)=1.6.0-update_17
Java Development Kit (JDK)=1.6.0-update_18
Java Development Kit (JDK)=1.6.0-update_19
Java Development Kit (JDK)=1.6.0-update_20
Java Development Kit (JDK)=1.6.0-update_21
Java Development Kit (JDK)=1.6.0-update_3
Java Development Kit (JDK)=1.6.0-update_4
Java Development Kit (JDK)=1.6.0-update_5
Java Development Kit (JDK)=1.6.0-update_6
Java Development Kit (JDK)=1.6.0-update_7
Java Development Kit (JDK)=1.6.0-update1
Java Development Kit (JDK)=1.6.0-update1_b06
Java Development Kit (JDK)=1.6.0-update2

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2013-2451?

    CVE-2013-2451 is classified with a medium severity level due to the potential for a local attacker to bind to ports intended for exclusive access, which may lead to further exploits.

  • How do I fix CVE-2013-2451?

    To mitigate CVE-2013-2451, users should upgrade to the latest version of Oracle Java SE and apply security patches provided by Oracle.

  • Who is affected by CVE-2013-2451?

    CVE-2013-2451 affects users of Oracle Java SE 7 Update 21 and earlier versions, including specific updates of JDK and JRE.

  • What type of vulnerability is CVE-2013-2451?

    CVE-2013-2451 is a local privilege escalation vulnerability due to improper enforcement of exclusive port binding.

  • Can CVE-2013-2451 be exploited remotely?

    No, CVE-2013-2451 can only be exploited by local attackers who have access to the affected system.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203